Sonicwall UDP port forward

Posted on 2010-08-20
Last Modified: 2012-05-10
Greetings,

I have a SonicWall NSA240 in my network.

I need to open UDP port 21068 and NAT it to this IP address: 172.16.117.5.

I have successfully created my firewall/NAT rules with the built-in firewall wizard (which I have already used to create other firewall/NAT rules that currently work).

The packets don't pass my firewall.

I installed nmap to see if the UDP port is open on my server and my firewall.

This is my command: nmap -p 21068 -sU -P0 SERVER

I tried this command from my local network and this is what I got:

nmap -p 21068 -sU -P0 172.16.117.5

Nmap scan report for 172.16.117.5
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:02:D9:09:01:94 (Reliable Controls)
Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds

I know that this port is open on the server.

I tried the same command on my SonicWall:

nmap -p 21068 -sU -P0 172.16.117.2

Nmap scan report for 172.16.117.2
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:17:C5:2C:5F:01 (SonicWALL)
Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds

It's supposed to be open on my SonicWall as well...

I decided to try scanning other UDP ports on the server to see if the nmap output was right. When the port isn't open, it gives me something like this:

PORT    STATE   SERVICE
34/udp  closed  unknown

I tried the same thing on my SonicWall, but it always tells me that the requested UDP port is open?

I also tried the nmap scan from outside my network; it gives me the same output (all UDP ports seem to be open).

Are all my UDP ports open on my SonicWall?

Also, do you have any idea why I can't access my server on the port I opened?
Question by:tblinc
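Why every UDP port on the SonicWall, and every port scanned from outside, comes back as open|filtered: nmap reports that state whenever a UDP probe gets neither a UDP reply nor an ICMP port-unreachable back. A service that is listening but silent and a firewall that drops the probe are indistinguishable to the scanner; only a closed port that answers with ICMP unreachable yields a negative result. The script below is an added example, not code from the original question or from SonicWall. It reproduces the three nmap -sU states with an ordinary (non-raw) UDP socket, so it needs no root, and adds a whole-scan summarizer for the question "are all my UDP ports open?". The loopback listener helper and the local demo ports are constructed for the demonstration; the script assumes a POSIX host that reports an ICMP port-unreachable on a connected UDP socket as ConnectionRefusedError (Linux, the BSDs, macOS).

```python
"""UDP port-state probe with nmap -sU semantics (added example)."""
import socket
import threading

OPEN = "open"
CLOSED = "closed"
OPEN_FILTERED = "open|filtered"


def probe_udp(host, port, payload=b"\x00", timeout=1.0, retries=2):
    """Classify one UDP port the way nmap -sU does.

    UDP reply received            -> "open"
    ICMP port unreachable         -> "closed" (seen as ConnectionRefusedError)
    no answer after all retries   -> "open|filtered": a silent service and a
                                     firewall that drops the probe look identical
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() makes the kernel attribute ICMP errors to this socket;
        # on an unconnected socket using sendto() they would be discarded.
        s.connect((host, port))
        for _ in range(retries):
            try:
                s.send(payload)
                s.recv(4096)
                return OPEN
            except ConnectionRefusedError:
                return CLOSED
            except socket.timeout:
                continue
    return OPEN_FILTERED


def summarize(states):
    """Interpret a whole scan ({port: state}) rather than one port.

    "inconclusive"   every probe went unanswered: a host that drops
                     everything and a host with every port open give the
                     same output, so nothing is known about single ports.
    "discriminating" at least one port answered with ICMP unreachable, so
                     the target does emit them and the remaining
                     open|filtered ports deserve a closer look (Linux
                     rate-limits ICMP errors, so rescan slowly).
    "answered"       some UDP replies came back and no ICMP errors at all.
    """
    vals = set(states.values())
    if vals == {OPEN_FILTERED}:
        return "inconclusive"
    if CLOSED in vals:
        return "discriminating"
    return "answered"


def start_listener(reply):
    """Constructed test fixture: bind a UDP socket on 127.0.0.1 and, when
    reply is True, answer each datagram; when False, stay silent (a listening
    but mute service). Returns (port, stop) where stop() tears it down."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    srv.settimeout(0.2)
    port = srv.getsockname()[1]
    stop_flag = threading.Event()

    def serve():
        while not stop_flag.is_set():
            try:
                _data, peer = srv.recvfrom(4096)
            except socket.timeout:
                continue
            if reply:
                srv.sendto(b"ack", peer)
        srv.close()

    t = threading.Thread(target=serve, daemon=True)
    t.start()

    def stop():
        stop_flag.set()
        t.join()

    return port, stop


if __name__ == "__main__":
    # Local demo: an answering service, a silent service, then the silent
    # service's port after it has been closed (ICMP unreachable expected).
    port_a, stop_a = start_listener(reply=True)
    port_b, stop_b = start_listener(reply=False)
    print(port_a, probe_udp("127.0.0.1", port_a, timeout=0.5))
    print(port_b, probe_udp("127.0.0.1", port_b, timeout=0.5))
    stop_a()
    stop_b()
    print(port_b, probe_udp("127.0.0.1", port_b, timeout=0.5), "(after close)")
    # Against a real target, e.g. probe_udp("172.16.117.2", 21068)
```

The test against a remote host is only meaningful together with a scan of several ports: if `summarize()` returns "inconclusive", the firewall is silently dropping everything (or the IPS is eating the probes), and the only way to know whether 21068 is forwarded is a packet capture on the inside, not another nmap run.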
 
LVL 33

Expert Comment

by:digitap
ID: 33489069
I'd check the log with a connection attempt going to see what it hits.  On the NSA 240, you can setup a packet capture to see if it's getting through.  You might also consider disabling any of the security services for a testing period.  Additionally, check the LAN > WAN and WAN > LAN rules to confirm they're accurate.
LVL 33

Expert Comment

by:digitap
ID: 33489074
Also, please post the logs back here so we can have a look at them.

Author Comment

by:tblinc
ID: 33503957
I set up a VPN connection instead. My VPN connection builds successfully, but I can only ping my DNS server and my SonicWall.

I can't ping anything else on my network.

I tried to add a firewall rule

VPN -> LAN allow any, but it doesn't work.
 
LVL 33

Expert Comment

by:digitap
ID: 33504258
What does the LAN to VPN rule look like?
 

Author Comment

by:tblinc
ID: 33504388
Priority  Source                     Destination       Service  Action  Users
1         WAN RemoteAccess Networks  Vpn DHCP Clients  Any      Allow   All
 

Author Comment

by:tblinc
ID: 33504452
I saw this when I tried to ping something on my network:

log.jpg
 
LVL 33

Expert Comment

by:digitap
ID: 33504630
Thanks for your patience.

You need to look at the LAN > VPN and VPN > LAN settings.  I don't get the feeling that we're getting there yet.  The best way is to go to Firewall > Access Rules.  Click the radio button called "Drop-down Boxes" and select the From Zone and To Zone.

Regarding the screen shot, IPS is only alerting on the ping.  Since you are not blocking Low alerts, it's only notifying, not dropping.
 

Accepted Solution

by:tblinc
ID: 33626734
I finally found what my error was.

I have client and server antivirus software provided by my SonicWall. The computer in question doesn't have the antivirus installed, so all the traffic was reaching this computer, but the computer itself couldn't send anything on the network.

I removed it from the scope, and it finally works.

Thank you for your help.
 
LVL 33

Expert Comment

by:digitap
ID: 33626778
So, the SonicWall was blocking it because it didn't have the AV client installed, right?
 

Author Comment

by:tblinc
ID: 33626948
Right.
 
LVL 33

Expert Comment

by:digitap
ID: 33627043
Didn't think of that.  Guess I didn't realize you were using the client AV as well as the gateway AV on the SonicWall.